Newbie-security

Not sure if this deserves to be in the "How To" section, but I figured it might save someone a few headaches and a lot of googling.



Download:


http://www.orbit-lab.org/kernel/comp...2.6.33.tar.bz2

Code:

tar -xf /root/compat-wireless-2.6.33.tar.bz2
cd compat-wireless-2.6.33
make
make install
shutdown now -r

Once rebooted:

Code:

start-network

Then, Wicd Manager=>Preferences=>Wireless Interface: wlan0

Refresh and you should see some wireless networks.



Thanks to dustyboner for directing me to the compat drivers.



****kukubau was able to get it working using these commands. Anyone that tries either of these, please let me know if they work.

Code:

tar -xf /path/to/compat-wireless-2.6.33.tar.bz2 - latest stable compat-wireless drivers

cd /path/to/compat-wireless-2.6.33.tar.bz2

./scripts/driver-select - it will show you a list of supported hardware

./scripts/driver-select - VERY IMPORTANT - WRITE THE DRIVER FOR YOUR CARD. FOR ATHEROS - ath9k

so

./scripts/driver-select ath9k

make

sudo make install

I’ve automated the customising process of the livecd to a convenient script which can be run on the BT4 Pre final (and future) release. This script sets up a build environment for you and drops you off in a modifiable chroot. You update, upgrade, add, remove packages, and then exit the shell. The script goes on to build a modified iso for you, including the updates and additions you introduced.
The script is very basic, with many elements hard coded (for example, the iso name expected is bt4.iso), but is easily modifiable.  In this video demonstration we install the broadcom wireless drivers, to support the Broadcom Corporation BCM4322 802.11a/b/g/n Wireless LAN Controller (rev 01) card in Macbooks. In addition, we update our backtrack tools to the most recent versions.
The script is available here: http://www.offensive-security.com/bt4-customise.sh
Check it out here : Customising BT4 the easy way

This method of getting a live install to a USB drive is the simplest available using Unetbootin. Note that we will format the USB drive and erase its contents.

1. Plug in your USB Drive (Minimum USB Drive capacity 2 GB)
2. Format the USB drive to FAT32
3. Download Unetbootin from http://unetbootin.sourceforge.net/
4. Start Unetbootin and select diskimage (use the backtrack-final ISO)
5. Select your USB drive and click “OK” for creating a bootable BackTrack USB drive
6. Log into BackTrack with the default username and password root / toor.

This method of installation is the simplest available. The assumption is that the whole hard drive is going to be used for BackTrack.

1. Boot BackTrack on the machine to be installed. Once booted, type in “startx” to get to the KDE graphical interface.
2. Double click the “install.sh” script on the desktop, or run the command “ubiquity” in console.
3. Select your geographical location and click “forward”.  Same for the Keyboard layout.
4. The next screen allows you to configure the partitioning layout. The assumption is that we are deleting the whole drive and installing BackTrack on it.
5. Accept the installation summary and client “Install”. Allow the installation to run and complete. Restart when done.
6. Log into BackTrack with the default username and password root / toor. Change root password.
7. Fix the framebuffer splash by typing “fix-splash” ( or “fix-splash800″ if you wish a 800×600 framebuffer), reboot.

When you first boot up the new Backtrack 4, you may have noticed something slightly different. So what is this “Start BackTrack Forensics” option about?

Live CDs and Forensics

For a long time now, Linux Live CDs have been very useful for forensic acquisition purposes in instances where for one reason or another you can’t utilize a hardware write blocker. When configured not to automount drives, and a little bit of know how, a Linux Live CD can be a wonderful software write blocker. For a Linux live CD to be considered for this purpose however, it is of the utmost importance that the use of the live CD in no way alters any data in any manner. In the past, this ruled out the use of Backtrack for forensic purposes. Backtrack would automount available drives and utilize swap partitions where available. This could cause all sorts of havoc, changing last mount times, altering data on disk, and so on. Well, no longer! The Backtrack 4 Live CD has incorporated changes to allow a boot mode which is forensically clean. This is great news, as with Backtrack being such a popular live CD, a copy can often be found close at hand.

How?

So, lets have the scoop. Forensic people are often detail oriented and very conservative, so how do we know it is safe to use? Well, first off the Backtrack 4 Live CD is based off of Casper, and contains no filesystem automount scripts at all. The system initialization scripts have been altered in the forensic boot mode so that Backtrack 4 will not look for or make use of any swap partitions which are contained on the system. All those scripts have been removed from the system.

Verification

To test this functionality, we have tested this boot mode with multiple hardware configurations. For each test, we took a before MD5 snapshot of the system disks, booted BT4 in forensic boot mode, verified no file systems were mounted and swap was not in use, did a number of activities on the system, then shut the system back down and took an after MD5 snapshot. In comparing the two MD5 snapshots, in every case they were a match, demonstrating no changes on the disks has been made. So, can you trust Backtrack 4 for your forensic purposes? Well, not until you verify it as well! Just like any forensic tool, its negligent to just take someone else’s word that any tool works properly. Its up to you to independently verify the tool before you use it. We expect your results will match ours, and you will find Backtrack 4 is a great addition to you tool set. (And, if your results find a problem, please let us know ASAP and include details as to how you conducted your testing. As, that would be a real problem.)

Usage

When you utilize Backtrack for forensics purposes, be sure you don’t let it go through an unattended boot. Default boot for Backtrack is standard boot mode, which will use swap partitions if they are present. There is a nice long delay however, so you will have plenty of time to select the proper boot mode. Also, please remember, this is a Linux distribution. It is highly suggested that you become familiar with Linux before use this, or any other Linux Live CD for any forensic purpose. Also, be sure to check out the additional forensic tools added to Backtrack 4. We have concentrated on the addition of imaging and triage tools, but if you find that one of your favorite utilities is not in place please let us know so we can look into having it added.